1. Field of the Invention
Implementations consistent with principles of the invention relate generally to communication systems and, more particularly, to secure delivery of flash content over networks.
2. Description of Related Art
The term “flash,” as used herein, may refer to a Macromedia flash player, a multimedia authoring program used to create content for the flash player, and/or media assets (e.g., images, games, graphics, video, etc.) created using the multimedia authoring program. Flash as a format has become very widespread on the desktop market, and may be one of the most popular plug-ins for web browsers. Vector graphics (e.g., PostScript, SVG, PDF, etc.) may permit flash files to translate to small file sizes which may take less bandwidth to transmit than bitmaps and/or video clips.
Flash players may exist for a wide variety of different systems and devices. For example, flash content may run on Microsoft Windows, MacOs, Linux, and various other Unix systems. Flash players may operate within, for example, the GNU/Linux x86, Mac OS 9/X, Solaris, HP-UX, Pocket PC, OS/2, Symbian, Palm OS, BeOs, and IRIX operating systems, as well as other operating systems.
A flash program (e.g., a file having a “.swf” file extension) may include content (e.g., media assets), and sequences of executable code to manipulate the content and handle user interactivity. In a typical web environment, a flash program may be delivered by a web server to a client browser, which may invoke a flash player to execute the flash program. The executable code, which may be referred to as “action code,” may be based on a set of binary instructions defined on a virtual machine built into the flash player. A binary action code sequence may result from compiling the flash multimedia authoring programming language, which may be referred to as “ActionScript.” However, it may be possible to generate the binary action code sequence by other mechanisms. The virtual machine may provide facilities for invoking network communications via action code sequences.
Flash authors may not wish to expose their images and/or action code to the world. However, once a flash program is saved locally, it may be decompiled into its source code and media assets. Some decompilers may be capable of nearly full reconstruction of the original source file, down to the action code that was used during creation.
Organizations may utilize flash programs for a variety of purposes. For example, more and more organizations are adopting flash content in developing corporate web media assets and applications. However, these same organizations are continuously looking to prevent information leakage from their internal networks and endpoints (e.g., devices connected to the networks). In today's world of mobile employees and extranet partners, both of which may need to connect to an internal network, this is becoming increasingly important. For example, information leakage may occur with confidential flash content sent to a mobile employee, because the employee may receive unprotected flash content via an external or public network (e.g., the Internet).
An existing solution to this problem for flash content may be to provide client-side traffic tunneling software. Unfortunately, traffic tunneling may require that a piece of software (e.g., ActiveX component, Java applet, etc.) be downloaded and executed on a client device (e.g., a laptop of a mobile employee). Thus, traffic tunneling is not a “clientless” solution, and may require providing administrative privileges on the client device. This may expose the organization's internal network (e.g., the internal network server containing the flash content) to information leakage because the client device may directly connect to the internal network server, and the confidential flash content may not be securely accessible from outside the organization.